Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1296
Views
0
Helpful
1
Replies

Cisco ISR 4351 tls problem

Go to solution
Lamar
Level 1
Level 1

‎06-17-2020 12:20 AM - edited ‎06-17-2020 09:18 PM

Good day!

Replacing the old cisco 2901 with the new isr 4351. After the replacement, there was a problem. Traffic to the test host goes well over http and partially over https. Some users can get access over https and some can't. When checking with curl it freezes in the phase

```
* TCP_NODELAY set
* Connected to ######test_servise####### (#####white ip######) port 443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
```

ios-xe 16.06.4

Added ip adjust-mss 1452 to the Internet interface and everything worked!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Lamar
Level 1
Level 1

‎06-17-2020 09:19 PM

Added ip adjust-mss 1452 to the Internet interface and everything worked!

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Lamar
Level 1
Level 1

‎06-17-2020 09:19 PM

Added ip adjust-mss 1452 to the Internet interface and everything worked!
0 Helpful
Customers Also Viewed These Support Documents